Update Info


Security update for ansible

Type: security
Severity: moderate
Issued: 2019-04-03
This update for ansible to version 2.7.8 fixes the following issues:

Security issues fixed: 	  

- CVE-2018-16837: Fixed an information leak in user module (bsc#1112959).
- CVE-2018-16859: Fixed an issue which clould allow logging of password in plaintext in Windows powerShell (bsc#1116587).
- CVE-2019-3828: Fixed a path traversal vulnerability in fetch module (bsc#1126503).
- CVE-2018-10875: Fixed a potential code execution in ansible.cfg (bsc#1099808).
- CVE-2018-16876: Fixed an issue which could allow  information disclosure in vvv+ mode with no_log on (bsc#1118896).

Other issues addressed: 

- prepare update to 2.7.8 for multiple releases (boo#1102126, boo#1109957)

Release notes: https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#id1



  • ansible-2.7.8-bp150.3.6.1